| 1 |
On 14.03.02 13:34 +0100(+0000), Morten Liebach wrote: |
| 2 |
> On 2002-03-14 11:29:14 +0200, Einar Karttunen wrote: |
| 3 |
> > On 14.03.02 10:11 +0100(+0000), kn@××××××××××.dk wrote: |
| 4 |
> > > Chroot |
| 5 |
> > I have an jail ebuild if someone is interested. |
| 6 |
> |
| 7 |
> As in FreeBSD jail(8)? Sounds very very interesting. |
| 8 |
> |
| 9 |
|
| 10 |
No, as in jail chroot project, see |
| 11 |
http://www.gsyc.inf.uc3m.es/~assman/jail/ |
| 12 |
|
| 13 |
The biggest problem is proc, which some apps |
| 14 |
need but leaks too much info even with grsecurity. |
| 15 |
Now if only it would be possible to have |
| 16 |
two different proc filesystems mounted: |
| 17 |
one normal, and one with only the data necessary to |
| 18 |
run apps. |
| 19 |
|
| 20 |
- Einar Karttunen |
Archives